fix: cors config

Soongsil-CoffeeChat · May 11, 2024 · 05d2d1f · 05d2d1f
1 parent 34fd8d5
commit 05d2d1f
Show file tree

Hide file tree

Showing 2 changed files with 14 additions and 17 deletions.
diff --git a/src/main/java/com/soongsil/CoffeeChat/config/SecurityConfig.java b/src/main/java/com/soongsil/CoffeeChat/config/SecurityConfig.java
@@ -57,25 +57,21 @@ public RoleHierarchy roleHierarchy() {
 	@Bean
 	public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
 		http
-			.cors(corsCustomizer -> corsCustomizer.configurationSource(new CorsConfigurationSource() {
+			.cors(corsCustomizer -> corsCustomizer.configurationSource(request -> {
 
-				@Override
-				public CorsConfiguration getCorsConfiguration(HttpServletRequest request) {
+				CorsConfiguration configuration = new CorsConfiguration();
 
-					CorsConfiguration configuration = new CorsConfiguration();
+				configuration.setAllowedOrigins(Collections.singletonList("http://localhost:3000")); //프론트 서버의 주소
+				configuration.setAllowedMethods(Collections.singletonList("*"));  //GET, POST, PUT등 모든 요청 허용
+				configuration.setAllowCredentials(true);
+				configuration.setAllowedHeaders(Collections.singletonList("*"));  //모든 헤더 허용
+				configuration.setMaxAge(3600L);
 
-					configuration.setAllowedOrigins(Collections.singletonList("http://localhost:3000")); //프론트 서버의 주소
-					configuration.setAllowedMethods(Collections.singletonList("*"));  //GET, POST, PUT등 모든 요청 허용
-					configuration.setAllowCredentials(true);
-					configuration.setAllowedHeaders(Collections.singletonList("*"));  //모든 헤더 허용
-					configuration.setMaxAge(3600L);
+				configuration.setExposedHeaders(
+					Collections.singletonList("Set-Cookie"));  //우리가 줄 데이터를 웹페이지에서 보이게 하기
+				configuration.setExposedHeaders(Collections.singletonList("Authorization"));
 
-					configuration.setExposedHeaders(
-						Collections.singletonList("Set-Cookie"));  //우리가 줄 데이터를 웹페이지에서 보이게 하기
-					configuration.setExposedHeaders(Collections.singletonList("Authorization"));
-
-					return configuration;
-				}
+				return configuration;
 			}));
 		//csrf disable : stateless이기 때문에 끄기
 		http
@@ -109,11 +105,11 @@ public CorsConfiguration getCorsConfiguration(HttpServletRequest request) {
 			.authorizeHttpRequests((auth) -> auth
 				.requestMatchers("/").permitAll()
 				.requestMatchers("/reissue").permitAll()
+				.requestMatchers("/auth/email/**").permitAll()
 				.requestMatchers("/api/v1/user/**", "auth/**").hasRole("USER")
 				//.requestMatchers("/api/v1/**").hasAnyRole("MENTEE", "MENTOR") //로그인 제외하면 다 멘티나 멘토 아니면 접근불가
 				.requestMatchers("api/v1/possibleDate/**").hasRole("MENTOR")
 				.requestMatchers("api/v1/mentor/**").hasRole("MENTEE")
-				.requestMatchers("/auth/email/**").permitAll()
 				.anyRequest().authenticated());
 		//세션 설정 : STATELESS (JWT로 인증 인가 사용할 것이므로)
 		http

diff --git a/src/main/java/com/soongsil/CoffeeChat/config/swagger/SwaggerConfig.java b/src/main/java/com/soongsil/CoffeeChat/config/swagger/SwaggerConfig.java
@@ -9,6 +9,7 @@
 import io.swagger.v3.oas.models.info.Info;
 import io.swagger.v3.oas.models.security.SecurityRequirement;
 import io.swagger.v3.oas.models.security.SecurityScheme;
+import io.swagger.v3.oas.models.servers.Server;
 
 @Configuration
 public class SwaggerConfig {
@@ -31,7 +32,7 @@ public OpenAPI openAPI() {
 		SecurityRequirement addSecurityItem = new SecurityRequirement();
 		addSecurityItem.addList("JWT");
 
-		return new OpenAPI()
+		return new OpenAPI().addServersItem(new Server().url("/"))
 			// Security 인증 컴포넌트 설정
 			.components(new Components().addSecuritySchemes("JWT", bearerAuth))
 			// API 마다 Security 인증 컴포넌트 설정